bug-grub
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #51153] SYSLINUX config parsing is very fragile

From: felix
Subject: [bug #51153] SYSLINUX config parsing is very fragile
Date: Thu, 1 Jun 2017 06:00:21 -0400 (EDT)
User-agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10136 
URL:
  <http://savannah.gnu.org/bugs/?51153>

                 Summary: SYSLINUX config parsing is very fragile
                 Project: GNU GRUB
            Submitted by: felix_s
            Submitted on: Thu 01 Jun 2017 10:00:20 AM UTC
                Category: None
                Severity: Major
                Priority: 5 - Normal
              Item Group: Software Error
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name: 
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
                 Release: 
                 Release: Git master
         Reproducibility: Every Time
         Planned Release: None

    _______________________________________________________

Details:

Attached are two config files. One of them produces a crash (null pointer
dereference) when fed to grub-syslinux2cfg or GRUB's syslinux_configfile
command; the other produces an unhelpful 'kernel without label' message,
without even so much as a line number. Both are understood by vanilla SYSLINUX
normally; they are variously processed versons of SYSLINUX config file from
SystemRescueCd.

The former bug is because the command-line arguments to ifcpu64.c32 are
misparsed (GRUB's parser doesn't understand command-line arguments for kernel
alternatives); the latter is because cmd_menudefault doesn't understand a
label specifier in a MENU DEFAULT statement.

The SYSLINUX config parsing code generally seems quite fragile. From a very
cursory inspection, I've noticed a potential memory leak when encountering
multiple DEFAULT statements (cmd_default). A more thorough audit may reveal
more such issues.




    _______________________________________________________

File Attachments:


-------------------------------------------------------
Date: Thu 01 Jun 2017 10:00:20 AM UTC  Name: crash.syslinux.cfg  Size: 6kB  
By: felix_s

<http://savannah.gnu.org/bugs/download.php?file_id=40831>
-------------------------------------------------------
Date: Thu 01 Jun 2017 10:00:20 AM UTC  Name: syslinux.cfg  Size: 20kB   By:
felix_s

<http://savannah.gnu.org/bugs/download.php?file_id=40832>

    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?51153>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]